- Crypto investigator ZachXBT traced stolen Bittensor funds worth $28 million.
- Funds moved through the privacy tool Railgun and ended up in instant exchanges, then switched to Monero.
- ZachXBT used timing and amount analysis to connect the Railgun withdrawals to three addresses.
- The laundered crypto was spent on anime-themed NFTs and washed through high-priced NFT sales.
- A Bittensor user named “Rusty” was linked to the addresses, and denies involvement in the theft.
Bittensor, a decentralized protocol, experienced a supply chain hack in 2024 that caused $28 million in losses from 32 holders of its TAO token. Crypto investigator ZachXBT said he traced the stolen funds through the crypto mixer Railgun and linked them to a suspect already connected to NFT wash trading.
ZachXBT reported that close to $5 million, in Ethereum, USD Coin (USDC), and wrapped Ethereum, filtered through Railgun in several batches. He detailed that he was able to follow these funds as they were converted into privacy-centric cryptocurrency Monero using instant crypto exchanges.
ZachXBT explained his approach: “I deanonymized the Railgun withdrawals to three addresses… by applying timing / amount heuristics.” He cited the use of unique transaction sizes and short time windows to match withdrawals with earlier deposits. He noted, “The unique denominations and short deposit time makes the demix high confidence.”
Railgun works like other crypto mixers, aiming to hide the origin or destination of crypto transfers. Despite its privacy focus, ZachXBT’s analysis showed that certain patterns can reveal user identities. Railgun has sometimes recovered stolen assets, such as in the $9.5 million Starknet hack, but is also used by groups like the Lazarus Group from North Korea. Vitalik Buterin has praised Railgun’s privacy pools mechanism as a way to block criminal funds without intrusive monitoring.
Once laundered, the stolen crypto passed through three more addresses and then went into purchasing anime-themed NFTs. According to ZachXBT, “It’s extremely rare to see exploits/hacks involve NFT wash trading.” The NFTs, including items from the Killer GF series, were then sold for inflated prices and the funds changed hands again.
One wallet receiving these funds was linked to a Bittensor user with the alias “Rusty,” who also created the Skrtt racing crypto project. A lawsuit against those suspected in the Bittensor hack identified Rusty as Ayden B., who denies involvement but acknowledged holding the relevant wallets.
ZachXBT stated, “Hopefully law enforcement eventually moves forward with a criminal case in the future.”
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Bitcoin Miners Harness Green Energy as Global Compute Surges
- Bittensor’s TAO Surges 32% Amid Market Crash, Halving Hype Grows
- OCC Grants Preliminary Approval to Erebor Bank for Crypto Clients
- Peraire-Bueno Brothers Face Trial for $25M Ethereum MEV Exploit
- US Seizes $14B in Bitcoin—Debate Rages Over Reserve or Restitution
